Please enable JavaScript.
Coggle requires JavaScript to display documents.
Unit 3 revisions notes ((1.2 TYPES OF SECURITY INCIDENTS (Unauthroised…
Unit 3 revisions notes
1.1 CYBER SECURITY AIMS TO PROTECT INFO
CIA Triad
Integrity
this is a level of assurance regarding accuracy and trustworthiness of the data.
Availability
the level of assurance that the data will be available to those who needs it when they want it.
personal:
unable to access bank accounts.
unable to pay bills.
unable to access diary info.
organisational:
unable to fulfil customer orders.
unable to fulfil employee salary payments.
unable to fulfil instructions for carrying processes.
Confidentiallity
rules that restrict acess only to those who need to know.
Personal data such as:
financial position
embarrasing photos - employees shouldnt be seeing.
organisational data:
-customer details
financial data
personnel records
Government data:
national security.
defence plans.
international negotiations
what is cyber security
it is how organisations and individuals protect their information assests, data, software and hardware. CIA Triad
Malware
Malicious software, includes viruses, worms, trojan horses, spyware. this software can harm the system, computer or individual who is using it.
1.2 TYPES OF SECURITY INCIDENTS
Unauthroised access
this is the activity intended to gain access to data, networks and computer system hardware/software without the permission of the owner or other responsible individuals
unauthorised modification
this is the changing of data, information, programs or documentation without permission
unauthorised disclosure
this is allowing information to pass on to any person or any organisation without any permission.
Destruction
Data can be destroyed intentionallythrough the introduction of malware such as viruses or trojan horse software.
theft
stealing data can be very profitable. Hackers will obtain access to specific info about individuals, to create new identities, set up new bank accounts etc
1.3 THE IMPORTANCE OF CYBER SECURITY
consequences of theft/misuse
names and addresses
ordering goods with your details and intercepting the delivery
intercepting postal mail to obtain further detailed information about you
bank details
creation of mortgages, bank accounts, loans without your knowledge.
withdrawal of funds.
closure of legitimate accounts
health records
refusal of personal insurance.
loss of job oppurtunities.
altering records to give a false impression.
the need to protect an organisations data
organisations are required to take steps in keeping information secure. Failure to do so can result in high fines, appearances in court, bad publicity from press and a loss of customer interest.
intellectual property is also an importance source of income for companies, but if the results of research were to be stolen or made public, then the ownership of any innovation could be disputed, resulting in further court dates.
publications of development plans could result in a rise in the price of land/buildings/competitors could adjust their own plansto take advantage of this knowledge.
2.1 THREATS TO CYBER SECURITY